Reentrancy vulnerabilities in `ChoosingRam::increaseValuesOfParticipants(uint256,uint256)` and `RamNFT::mintRamNFT(address)`
Summary
Detection of the reentrancy bug. Only report reentrancy that acts as a double call.
Vulnerability Details
ramNFT.updateCharacteristics(tokenIdOfAnyPerticipent,true,true,true,true,true) (src/ChoosingRam.sol#77)
State variables written after the call(s):selectedRam = ramNFT.getCharacteristics(tokenIdOfAnyPerticipent).ram (src/ChoosingRam.sol#78)
_safeMint(to,newTokenId) (src/RamNFT.sol#51)
- retval = IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,data) (lib/openzeppelin-contracts/contracts/token/ERC721/ERC721.sol#467-480)
State variables written after the call(s):Characteristics[newTokenId] = CharacteristicsOfRam({ram:to,isJitaKrodhah:false,isDhyutimaan:false,isVidvaan:false,isAatmavan:false,isSatyavaakyah:false}) (src/RamNFT.sol#53-60)
Impact
The reentrancy is benign because it's exploitation would have the same effect as two consecutive calls.
Tools Used
Slither
Recommendations
Apply the check-effects-interactions pattern.
Lead Judging Commences
Info/Gas/Invalid according to docs
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.